|
|
Family: CGI abuses --> Category: attack
VideoDB Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for the version of VideoDB
Detailed Explanation for this Vulnerability Test
The remote host is VideoDB, a web based video dabatase manager written
in PHP.
The remote version of this software is vulnerable to a SQL injection
vulnerability due to a lack of filtering on user-supplied input. An
attacker may exploit this flaw to modify the remote database.
This software may be vulnerable to an unauthorized access vulnerability
in the file 'edit.php' which may allow a possible hacker to edit database
entries.
Solution : Upgrade to VideoDB 2.0.2 or later
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
